Change all default passwords, create unique local administrator passwords and disable unused accounts
Many connected devices and even certain software, have default passwords that do not always have to be changed when they are first used. Disable the default administrator accounts or assign a unique and random passphrase to avoid propagation using shared local administrator accounts.
The default passwords are a security loophole that is very easy to exploit because they are widely known and easy to use. There are databases out there with lists of these accounts and passwords!
Disable these default (administrator) accounts or assign passphrases that are random and unique for each.